LISTING OF CLAIMS: 



This listing of claims will replace all prior versions and listings of claims in 
the application. 

LISTING OF CLAIMS 
1 . (Previously Presented) A method of creating a desired group of a flexible group 
structure for a network, comprising: 

a) defining one or more private groups, each private group configured for use 
by one or more first corresponding owners, each private group being unavailable to use 
by one or more non-owners; 

b) defining one or more public groups, wherein each public group is defined 
by reference to at least one of said private groups, and wherein each public group is 
configured for use by one or more second corresponding owners and said one or more 
non-owners; 

c) selecting one or more particular groups from a set of said one or more 
private groups and said one or more public groups; 

d) for each selected particular group, indicating whether said selected 
particular group is to be included in or excluded from said desired group; 

e) associating each of said selected particular groups, with reference to 
inclusion or exclusion, so as to functionally define said desired group of said flexible 
group structure; and 

f) managing network security for said network by using said desired group. 
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2. (Original) A method as recited in Claim 1 wherein said one or more private 
groups includes a dynamic group. 

3. (Original) A method as recited in Claim 1 wherein said one or more private 
groups includes an exception group. 

4. (Original) A method as recited in Claim 1 wherein each public group includes 
a public group component corresponding to each private group used to define said public 
group, wherein each public group component is configured for use by said one or more 
first corresponding owners and is unavailable to use by said one or more non-owners. 

5. (Original) A method as recited in Claim 1 wherein said desired group includes 
a plurality of users. 

6. (Original) A method as recited in Claim 1 wherein said one or more first 
corresponding owners are the same as said one or more second corresponding owners. 

7. (Original) A method as recited in Claim 1 further comprising: 
associating one or more network security privileges with said desired group. 

8. (Previously Presented) A computer-readable medium comprising computer- 
executable instructions stored therein for performing a method of creating a desired group 
of a flexible group structure for a network, comprising: 
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a) defining one or more public groups, wherein each public group is defined 
by reference to at least one of said private groups, and wherein each public group is 
configured for use by one or more second corresponding owners and said one or more 
non-owners; 

c) selecting one or more particular groups from a set of said one or more 
private groups and said one or more public groups; 

d) for each selected particular group, indicating whether said selected 
particular group is to be included in or excluded from said desired; 

e) associating each of said selected particular groups, with reference to 
inclusion or exclusion, so as to functionally define said desired group of said flexible 
group structure; and 

f) managing network security for said network by using said desired group. 

9. (Original) A computer-readable medium as recited in Claim 8 wherein said 
one or more private groups includes a dynamic group. 

10. (Original) A computer-readable medium as recited in Claim 8 wherein said 
one or more private groups includes an exception group. 

1 1 . (Original) A computer-readable medium as recited in Claim 8 wherein each 
public group includes a public group component corresponding to each private group 
used to define said public group, wherein each public group component is configured for 
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use by said one or more first corresponding owners and is unavailable to use by said one 
or more non-owners. 

12. (Original) A computer-readable medium as recited in Claim 8 wherein said 
desired group includes a plurality of users. 

13. (Original) A computer-readable medium as recited in Claim 8 wherein said 
one or more first corresponding owners are the same as said one or more second 
corresponding owners 

14. (Original) A computer-readable medium as recited in Claim 8 wherein said 
method further comprises: 

associating one or more network security privileges with said desired group. 

15. (Previously Presented) A method of creating a desired group of a flexible 
group structure for a network, comprising: 

a) defining one or more components of one or more group types; 

b) selecting one or more particular components; 

c) for each selected particular component, indicating whether said selected 
particular component is an additive component type or a subtractive component type; 

d) associating said selected one or more particular components and each 
indicated component type so as to function as said desired group of said flexible group 
structure; and 
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e) managing network security of said network by using said desired group. 



16. (Original) A method as recited in Claim 15 wherein said one or more group 
types include at least one of a public group and a private group. 

17. (Original) A method as recited in Claim 16 wherein each private group is 
configured for use by one or more first corresponding owners, and wherein each private 
group is unavailable to use by one or more non-owners. 

18. (Original) A method as recited in Claim 16 wherein each public group is 
configured for use by one or more second corresponding owners and one or more non- 
owners. 

19. (Original) A method as recited in Claim 16 wherein said private group is a 
dynamic group. 

20. (Original) A method as recited in Claim 16 wherein said private group is an 
exception group. 

21. (Original) A method as recited in Claim 16 wherein each public group is 
defined using at least one private group, and wherein each public group includes a public 
group component corresponding to each private group used to define said public group, 
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wherein each public group component is configured for use by one or more first 
corresponding owners and is unavailable to use by one or more non-owners. 

22. (Original) A method as recited in Claim 1 5 wherein said desired group 
includes a plurality of users. 

23. (Original) A method as recited in Claim 15 further comprising: 
associating one or more network security privileges with said desired group. 

24. (Previously Presented) A computer-readable medium comprising computer- 
executable instructions stored therein for performing a method of creating a desired group 
of a flexible group structure for a network, comprising: 

a) defining one or more components of one or more group types; 

b) selecting one or more particular components; 

c) for each selected particular component, indicating whether said selected 
particular component is an additive component type or a subtractive component type; 

d) associating said selected one or more particular components and each 
indicated component type so as to function as said desired group of said flexible group 
structure; and 

e) managing network security for said network by using said desired group. 

25. (Original) A computer-readable medium as recited in Claim 24 wherein said 
one or more group types include at least one of a public group and a private group. 
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26. (Original) A computer-readable medium as recited in Claim 25 wherein each 
private group is configured for use by one or more first corresponding owners, and 
wherein each private group is unavailable to use by one or more non-owners. 

27. (Original) A computer-readable medium as recited in Claim 25 wherein each 
public group is configured for use by one or more second corresponding owners and one 
or more non-owners. 

28. (Original) A computer-readable medium as recited in Claim 25 wherein said 
private group is a dynamic group. 

29. (Original) A computer-readable medium as recited in Claim 25 wherein said 
private group is an exception group. 

30. (Original) A computer-readable medium as recited in Claim 25 wherein each 
public group is defined using at least one private group, and wherein each public group 
includes a public group component corresponding to each private group used to define 
said public group, wherein each public group component is configured for use by one or 
more first corresponding owners and is unavailable to use by one or more non-owners. 

31. (Original) A computer-readable medium as recited in Claim 24 wherein said 
desired group includes a plurality of users. 
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32. (Previously Presented) A computer-readable medium as recited in Claim 24 
wherein said method further comprises: 

associating one or more network security privileges with said desired group. 

33. (Previously Presented) A method of defining a public group of a flexible 
group structure for a network, comprising: 

a) defining one or more private groups; 

b) selecting one or more particular private groups; 

c) for each selected particular private group, indicating whether said selected 
particular private group is an additive type or a subtractive type; 

d) for each selected particular private group, generating a corresponding 
public group component; 

e) generating said public group of said flexible group structure using each 
public group component and each indicated type corresponding to said selected one or 
more particular private groups; and 

f) managing network security for said network by using said public group. 

34. (Original) A method as recited in Claim 33 wherein said one or more private 
groups includes a dynamic group. 

35. (Original) A method as recited in Claim 33 wherein said one or more private 
groups includes an exception group. 
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36. (Original) A method as recited in Claim 33 wherein said public group 
includes a plurality of users. 

37. (Original) A method as recited in Claim 33 wherein each private group and 
each public group component are configured for use by one or more first corresponding 
owners, and wherein each private group and each public group component are 
unavailable to use by one or more non-owners. 

38. (Original) A method as recited in Claim 33 wherein said public group is 
configured for use by one or more second corresponding owners and one or more non- 
owners. 

39. (Previously Presented) A computer-readable medium comprising computer- 
executable instructions stored therein for performing a method of defining a public group 
of a flexible group structure for a network, comprising: 

a) defining one or more private groups; 

b) selecting one or more particular private groups; 

c) for each selected particular private group, indicating whether said selected 
particular private group is an additive type or a subtractive type; 

d) for each selected particular private group, generating a corresponding 
public group component; 

e) generating said public group of said flexible group structure 
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using each public group component and each indicated type corresponding to said 
selected one or more particular private groups; and 

f) managing network security of said network by using said public group. 

40. (Original) A computer-readable medium as recited in Claim 39 wherein said 
one or more private groups includes a dynamic group. 

41. (Original) A computer-readable medium as recited in Claim 39 wherein said 
one or more private groups includes an exception group. 

42. (Original) A computer-readable medium as recited in Claim 39 wherein said 
public group includes a plurality of users. 

43. (Original) A computer-readable medium as recited in Claim 39 wherein each 
private group and each public group component are configured for use by one or more 
first corresponding owners, and wherein each private group and each public group 
component are unavailable to use by one or more non-owners. 

44. (Original) A computer-readable medium as recited in Claim 39 wherein said 
public group is configured for use by one or more second corresponding owners and one 
or more non-owners. 
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45. (Previously Presented) A component-based group structure for a network^ 
comprising: 

a plurality of private groups; and 

a plurality of public groups, each public group having one or more public group 
components, each public group component corresponding to one of said plurality of 
private groups, wherein a desired group of said component-based group structure is 
formed by selecting and associating one or more component groups from a set of said 
private groups and said public groups, and wherein network security for said network is 
managed by using said desired group. 

46. (Original) A component-based group structure as recited in Claim 45 
wherein said private groups and said public groups can be arranged into a plurality of 
group hierarchies. 

47. (Original) A component-based group structure as recited in Claim 45 
wherein said private groups includes a dynamic group. 

48. (Original) A component-based group structure as recited in Claim 45 
wherein said private groups includes an exception group. 

49. (Original) A component-based group structure as recited in Claim 45 
wherein each private group and each public group component are configured for use by 
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one or more first corresponding owners, and wherein each private group and each public 
group component are unavailable to use by one or more non-owners. 

50. (Original) A component-based group structure as recited in Claim 45 
wherein said public group is configured for use by one or more second corresponding 
owners and one or more non-owners. 

5 1 . (Original) A component-based group structure as recited in Claim 45 
wherein said desired group is formed by selecting and associating at least one private 
group. 

52. (Original) A component-based group structure as recited in Claim 45 
wherein said desired group is formed by selecting and associating at least one public 
group. 

53. (Original) A component-based group structure as recited in Claim 45 
wherein said desired group is formed by selecting and associating at least one private 
group and at least one public group. 

54. (Previously Presented) A method of defining a plurality of group ownership 
attributes for use in a component-based group structure for a network, comprising: 

a) providing a plurality of group types of said component-based group 
structure, said group types including a private group type, a public group component 
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type, and a public group type, wherein network security for said network is managed by 
using said plurality of group types; 

b) assigning a first group ownership attribute to a private group, of said 
private group type, such that one or more first corresponding owners can use said private 
group and such that one or more non-owners are unable to use said private group; 

c) assigning a second group ownership attribute to a public group 
component, of said public group component type, such that said one or more first 
corresponding owners can use said public group component and such that said one or 
more non-owners are unable to use said public group component; and 

d) assigning a third group ownership attribute to a public group, of said 
public group type, such that one or more second corresponding owners can use said 
public group and such that said one or more non-owners can use said public group. 

55. (Original) A method as recited in Claim 54 wherein said one or more first 
corresponding owners are the same as said one or more second corresponding owners. 
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